Solved

CTB virus

Posted on 2015-01-03
1
159 Views
Last Modified: 2015-01-26
Customer called and says message quotes CBT Encription ...

Looks like rogue virus looking for €

How to solve this ?
0
Comment
Question by:feck1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 88

Accepted Solution

by:
rindi earned 500 total points
ID: 40529216
Disconnect the PC from the internet, then report the incident to the authorities. Although they will be unlikely to be able to help, it is still good to have them involved, as the more info they get, the likelier it will be that they can eventually be able to track the crooks down.

Then, once they have given their OK, scan the PC using malwarebytes so the virus can be removed. After that, if you are very lucky, you might be able to use the "previous version" to recover the file (right click the file you want to recover, select "Properties", then "Previous Versions", and if there are such previous versions available you can restore from that). But as this virus tries to delete any previous versions, that will be very unlikely to work.

A much better way is to just restore the files from the client's backups.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question